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CLAIM AMENDMENTS 



1 1 . (Currently Amended) A method for communicating a session key from a first 

2 multicast proxy service node of a secure multicast group to a plurality of other 

3 multicast proxy service nodes of the secure multicast group in a communication 

4 network, wherein each of the multicast proxy service nodes is capable of establishing 

5 multicast communication and serving as a key distribution center, the method 

6 comprising the steps of: 

7 creating and storing an original group session key associated with the secure multicast 

8 group in a first directory that is based on the Lightweight Directory Access 

9 Protocol (LDAP) directory standard ; 

10 authenticating the first multicast proxy service node with a subset of the multicast 

1 1 proxy service nodes that are affected by an addition of the first multicast proxy 

12 service node to the secure multicast group, based on the original group session 

1 3 key stored in the first director y that is based on the LDAP directory standard ; 

14 receiving a plurality of private keys from the subset of the multicast proxy service 

15 nodes; 

16 receiving a new group session key for the secure multicast group, for use after addition 

1 7 of the first multicast proxy service node, from a local multicast proxy service 

1 8 node that has received the original group session key through periodic 

1 9 replication of the first director y that is based on the LDAP directory standard ; 

20 communicating the new group session key to the first multicast proxy service node; 

21 and 

22 communicating a message to the subset of the multicast proxy service nodes that 

23 causes the subset of the multicast proxy service nodes to update their private 

24 keys. 
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1 2. (Currently Amended) A method as recited in Claim 1, wherein authenticating the first 

2 multicast proxy service node includes authenticating the first multicast proxy service 

3 node based on a second director y that is based on the LDAP directory standard and 

4 that comprises a directory system agent (DSA) that communicates with one or more of 

5 the multicast proxy service nodes and a replication service agent (RS A) that replicates 

6 attribute information of the one or more multicast proxy service nodes. 

1 3. (Currently Amended) A method as recited in Claim 1, wherein receiving the new 

2 group session key includes receiving the new group session key from a node of a 

3 second director y that is based on the LDAP directory standard and that comprises a 

4 directory system agent (DSA) for communicating with one or more of the multicast 

5 proxy service nodes and a replication service agent (RSA) for replicating key 

6 information of the one or more multicast proxy service nodes. 

1 4. (Currently Amended) A method as recited in Claim 3, further comprising the step of 

2 signaling the replication service agent to carry out replication by storing an updated 

3 group session key in a local node copy of the first director y that is based on the LDAP 

4 directory standard , 

1 5. (Currently Amended) A method as recited in Claim 1, further comprising distributing 

2 the original group session key to all nodes by: 

3 creating and storing the original group session key using a first second multicast proxy 

4 service node of one domain of the first director y that is based on the LDAP 

5 directory standard ; 

6 replicating the first director y that is based on the LDAP directory standard ; and 

7 obtaining the original group session key from a local multicast proxy service node that 

8 is a replica of the first multicast proxy service node. 
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1 6. (Currently Amended) A method as recited in Claim 1, further comprising distributing 

2 the new group session key to all nodes byi 

3 creating and storing the new group session key using a first multicast proxy service 

4 node of one domain of the first director y that is based on the LDAP directory 

5 standard ; 

6 replicating the first director y that is based on the LDAP directory standard ; and 

7 obtaining the new group session key from a local multicast proxy service node that is a 

8 replica of the first multicast proxy service node. 

1 7. (Currently Amended) A communication system for communicating a session key 

2 from a first multicast proxy service node of a secure multicast group to a plurality of 

3 other multicast proxy service nodes of the secure multicast group in a communication 

4 network, wherein each of the multicast proxy service nodes is capable of establishing 

5 multicast communication and serving as a key distribution center, the communication 

6 system comprising: 

7 a group controller that creates and manages secure multicast communication among 

8 the other multicast proxy service nodes, having a private key; 

9 a computer-readable medium comprising one or more instructions which, when 

10 executed by one or more processors, cause the one or more processors to carry 

1 1 out the steps of: 

12 creating and storing an original group session key associated with the secure multicast 

1 3 group in a first director y that is based on the Lightweight Directory Access 

14 Protocol (LDAP) directory standard ; 

1 5 authenticating the first multicast proxy service node with a subset of the multicast 

1 6 proxy service nodes that are affected by an addition of the multicast proxy 

17 service node to the secure multicast group, based on the original group session 

1 8 key stored in the first director y that is based on the LDAP directory standard ; 

1 9 receiving a plurality of private keys from the subset of the multicast proxy service 

20 nodes; 
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2 1 receiving a new group session key for the secure multicast group, for use after addition 

22 of the first multicast proxy service node, from a local multicast proxy service 

23 node that has received the original group session key through periodic 

24 replication of the first director y that is based on the LDAP directory standard ; 

25 communicating the new group session key to the first multicast proxy service node; 

26 and 

27 communicating a message to the subset of the multicast proxy service nodes that 

28 causes the subset of the multicast proxy service nodes to update their private 

29 keys. 

1 8-10. (Cancelled) 

1 11. (Currently Amended) A communication system for creating a secure multicast or 

2 broadcast group, the communication system comprising: 

3 a plurality of multicast proxy service nodes, each node of the plurality of multicast 

4 proxy service nodes having attribute information comprising a group 

5 identification value for uniquely identifying a particular node of the multicast 

6 proxy service nodes, and 

7 a directory that is based on the LDAP directory standard and that comprises 

8 comprising a directory system agent (DSA) for communicating with one or 

9 more of the multicast proxy service nodes to authenticate each of the multicast 

10 proxy service nodes and a replication service agent (RSA) for replicating the 

1 1 attribute information of the one or more multicast proxy service nodes; 

12 wherein one of the multicast proxy service nodes generates a first group session key 

13 for establishing the secure multicast or broadcast group among the plurality of 

14 multicast proxy service nodes and distributes the first group session key to 

1 5 other multicast proxy service nodes in the secure multicast or broadcast group 

1 6 using directory replication of the directory that is based on the Lightweight 

17 Directory Access Protocol (LDAP) directory standard . 

1 12. (Cancelled) 
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1 13. (Currently Amended) A computer-readable medium carrying one or more sequences 

2 of instructions for communicating a session key from a first multicast proxy service 

3 node of a secure multicast group to a plurality of other multicast proxy service nodes 

4 of the secure multicast group in a communication network, wherein each of the 

5 multicast proxy service nodes is capable of establishing multicast communication and 

6 serving as a key distribution center, wherein execution of the one or more sequences of 

7 instructions by one or more processors causes the one or more processors to perform 

8 the steps of: 

9 creating and storing an original_group session key associated with the secure multicast 

10 group in a first director y that is based on the Lightweight Directory Access 

11 Protocol (LDAP) directory standard ; 

12 authenticating the first multicast proxy service node with a subset of the multicast 

13 proxy service nodes that are affected by an addition of the first multicast proxy 

14 service node to the secure multicast group, based on the original group session 

1 5 key stored in the first director y that is based on the LDAP directory standard ; 

16 receiving a plurality of private keys from the subset of the multicast proxy service 

17 nodes; 

1 8 receiving a new group session key for the secure multicast group for use after addition 

19 of the first multicast proxy service node from a local multicast proxy service 

20 node that has received the original group session key through periodic 

21 replication of the first director y that is based on the LDAP directory standard ; 

22 communicating the new group session key to the first multicast proxy service node; 

23 and 

24 communicating a message to the subset of the multicast proxy service nodes that 

25 causes the subset of the multicast proxy service nodes to update their private 

26 keys. 
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1 14. (Currently Amended) A computer-readable medium as recited in Claim 13, wherein 

2 the instructions for authenticating the first multicast proxy service node further 

3 comprises instructions which, when executed by the one or more processors, cause the 

4 one or more processors to carry out the steps of authenticating the first multicast proxy 

5 service node based on a second directory that is based on the LDAP directory standard 

6 mid that comprises a directory system agent (DSA) that communicates with one or 

7 more of the multicast proxy service nodes and a replication service agent (RSA) that 

8 replicates attribute information of the one or more multicast proxy service nodes. 

1 15. (Currently Amended) A computer-readable medium as recited in Claim 13, wherein 

2 the instructions for receiving the new group session key further comprises instructions 

3 which, when executed by the one or more processors, cause the one or more 

4 processors to carry out the step of receiving the new group session key from a node of 

5 a second director y that is based on the LDAP directory standard and that comprises a 

6 directory system agent (DSA) for communicating with one or more of the multicast 

7 proxy service nodes and a replication service agent (RSA) for replicating key 

8 information of the one or more multicast proxy service nodes. 

1 16. (Currently Amended) A computer-readable medium as recited in Claim 15, further 

2 comprising instructions which, when executed by the one or more processors, cause 

3 the one or more processors to carry out the step of signaling the replication service 

4 agent to carry out replication by storing an updated group session key in a local nod e 

5 copy of the first director y that is based on the LDAP directory standard . 
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1 17. (Currently Amended) A computer-readable medium as recited in Claim 13, further 

2 comprising instructions which, when executed by the one or more processors, cause 

3 the one or more processors to carry out the steps of distributing the original group 

4 session key to all nodes by: 

5 creating and storing the original group session key using a fifst second multicast proxy 

6 service node of one domain of the first director y that is based on the LDAP 

7 directory standard ; 

8 replicating the first director y that is based on the LDAP directory standard ; and 

9 obtaining the original group session key from a local multicast proxy service node that 
10 is a replica of the first multicast proxy service node. 

1 18. (Currently Amended) A computer-readable medium as recited in Claim 13, further 

2 comprising instructions which, when executed by the one or more processors, cause 

3 the one or more processors to carry out the steps of distributing the new group session 

4 key to all nodes byi 

5 creating and storing the new group session key using a first multicast proxy service 

6 node of one domain of the first director y that is based on the LDAP directory 

7 standard ; 

8 replicating the first director y that is based on the LDAP directory standard ; and 

9 obtaining the new group session key from a local multicast proxy service node that is a 
10 replica of the first multicast proxy service node. 
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1 19. (Currently Amended) A communication system as recited in Claim 7, wherein the one 

2 or more instructions for authenticating the first multicast proxy service node further 

3 comprise one or more instructions which, when executed by the one or more 

4 processors, cause the one or more processors to carry out the step of: 

5 authenticating the first multicast proxy service node based on a second director y that is 

6 based on the LDAP directory standard and that comprises a directory system 

7 agent (DSA) that communicates with one or more of the multicast proxy 

8 service nodes and a replication service agent (RSA) that replicates attribute 

9 information of the one or more multicast proxy service nodes. 

1 20. (Currently Amended) A communication system as recited in Claim 7, wherein the one 

2 or more instructions for receiving the new group session key further comprise one or 

3 more instructions which, when executed by the one or more processors, cause the one 

4 or more processors to carry out the step of: 

5 receiving the new group session key from a node of a second director y that is based on 

6 the LDAP directory standard and that comprises a directory system agent 

7 (DSA) for communicating with one or more of the multicast proxy service 

8 nodes and a replication service agent (RSA) for replicating key information of 

9 the one or more multicast proxy service nodes. 

1 21 . (Currently Amended) A communication system as recited in Claim 20, further 

2 comprising one or more instructions which, when executed by the one or more 

3 processors, cause the one or more processors to carry out the step of signaling the 

4 replication service agent to carry out replication by storing an updated group session 

5 key in a local node copy of the first director y that is based on the LDAP directory 

6 standard. 
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1 22. (Currently Amended) A communication system as recited in Claim 7, further 

2 comprising one or more instructions which, when executed by the one or more 

3 processors, cause the one or more processors to carry out the steps of distributing the 

4 original group session key to all nodes byi 

5 creating and storing the original group session key using a first second multicast proxy 

6 service node of one domain of the first director y that is based on the LDAP 

7 directory standard ; 

8 replicating the first director y that is based on the LDAP directory standard ; and 

9 obtaining the original group session key from a local multicast proxy service node that 
10 is a replica of the first multicast proxy service node. 

1 23. (Currently Amended) A communication system as recited in Claim 7, further 

2 comprising one or more instructions which, when executed by the one or more 

3 processors, cause the one or more processors to carry out the step of distributing the 

4 new group session key to all nodes by: 

5 creating and storing the new group session key using a first multicast proxy service 

6 node of one domain of the first director y that is based on the LDAP directory 

7 standard ; 

8 replicating the first director y that is based on the LDAP directory standard ; and 

9 obtaining the new group session key from a local multicast proxy service node that is a 
1 0 replica of the first multicast proxy service node. 

1 24. (Previously Presented) A communication system as recited in Claim 11, further 

2 comprising: 

3 a plurality of client nodes coupled to one of the multicast proxy service nodes, the one 

4 multicast proxy service node creating a secure multicast or broadcast client 

5 group that is separate from the secure multicast or broadcast group. 
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1 25. (Previously Presented) A communication system as recited in Claim 11, wherein the 

2 plurality of multicast proxy service nodes form a logical arrangement of the plurality 

3 of multicast proxy service nodes according to a tree structure, the tree structure having 

4 a root node, one or more intermediate nodes, and one or more leaf nodes, one of the 

5 multicast proxy service nodes being designated as a primary multicast proxy service 

6 node, the primary multicast proxy service node being mapped to the root node, the 

7 other multicast proxy service nodes having private keys corresponding to the group 

8 identification values and being mapped to the one or more intermediate nodes and the 

9 one or more leaf nodes. 

1 26. (New) An apparatus for communicating a session key from a first multicast proxy 

2 service node of a secure multicast group to a plurality of other multicast proxy service 

3 nodes of the secure multicast group in a communication network, wherein each of the 

4 multicast proxy service nodes is capable of establishing multicast communication and 

5 serving as a key distribution center, the apparatus comprising: 

6 means for creating and storing an original group session key associated with the secure 

7 multicast group in a first directory that is based on the Lightweight Directory 

8 Access Protocol (LDAP) directory standard; 

9 means for authenticating the first multicast proxy service node with a subset of the 

10 multicast proxy service nodes that are affected by an addition of the first 

1 1 multicast proxy service node to the secure multicast group, based on the 

12 original group session key stored in the first directory that is based on the 

13 LDAP directory standard; 

14 means for receiving a plurality of private keys from the subset of the multicast proxy 

15 service nodes; 

16 means for receiving a new group session key for the secure multicast group, for use 

1 7 after addition of the first multicast proxy service node, from a local multicast 

1 8 proxy service node that has received the original group session key through 

19 periodic replication of the first directory that is based on the LDAP directory 

20 standard; 
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21 means for communicating the new group session key to the first multicast proxy 

22 service node; and 

23 means for communicating a message to the subset of the multicast proxy service nodes 

24 that causes the subset of the multicast proxy service nodes to update their 

25 private keys. 

1 27. (New) An apparatus as recited in Claim 26, wherein the means for authenticating the 

2 first multicast proxy service node includes means for authenticating the first multicast 

3 proxy service node based on a second directory that is based on the LDAP directory 

4 standard and that comprises a directory system agent (DSA) that communicates with 

5 one or more of the multicast proxy service nodes and a replication service agent (RS A) 

6 that replicates attribute information of the one or more multicast proxy service nodes. 

1 28. (New) An apparatus as recited in Claim 26, wherein the means for receiving the new 

2 group session key includes means for receiving the new group session key from a node 

3 of a second directory that is based on the LDAP directory standard and that comprises 

4 a directory system agent (DSA) for communicating with one or more of the multicast 

5 proxy service nodes and a replication service agent (RSA) for replicating key 

6 information of the one or more multicast proxy service nodes. 

1 29. (New) An apparatus as recited in Claim 28, further comprising means for signaling 

2 the replication service agent to carry out replication by storing an updated group 

3 session key in a local copy of the first directory that is based on the LDAP directory 

4 standard. 

1 30. (New) An apparatus as recited in Claim 26, further comprising means for distributing 

2 the original group session key to all nodes by: 

3 creating and storing the original group session key using a second multicast proxy 

4 service node of one domain of the first directory that is based on the LDAP 

5 directory standard; 

6 replicating the first directory that is based on the LDAP directory standard; and 
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7 obtaining the original group session key from a local multicast proxy service node that 

8 is a replica of the first multicast proxy service node. 

1 31. (New) An apparatus as recited in Claim 26, further comprising means for distributing 

2 the new group session key to all nodes by: 

3 creating and storing the new group session key using a first multicast proxy service 

4 node of one domain of the first directory that is based on the LDAP directory 

5 standard; 

6 replicating the first directory that is based on the LDAP directory standard; and 

7 obtaining the new group session key from a local multicast proxy service node that is a 

8 replica of the first multicast proxy service node. 
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